Bazaar2 Monthly Report - March 2017

Finally, after many months of doing behind the scenes plumbing, we now have a steady stream of very visible progress. The big news is that we launched our first client app alpha of the totally new user experience, after an intense development sprint. You can get it now in F-Droid by finding F-Droid in installed apps, and then selecting version 0.103-alpha from the list.

We had a good meeting with Fairphone at their lovely Amsterdam office, and nailed down a plan to get F-Droid integrated in Fairphone Open OS, which can be installed on any Fairphone2. They are also working on shipping Fairphone OS devices directly. From Fairphone, we learned about https://uhuru-mobile.com/ which already includes F-Droid as its app store. Uhuru provides an open source “Mobile Device Manager” service which will integrate nicely with the F-Droid Repomaker service being developed from the “2 Curation Tools” effort.

There was also a lot of presentation activity in March. Torsten and Seamus attended the Internet Freedom Festival. Hans presented F-Droid at the Android Security Symposium (https://youtu.be/yBxIVM0-3Vk) and RightsCon, and attended Tor Dev Meeting and Iran Cyber Dialogue, where F-Droid was a topic of discussion. Seamus was also at Iran Cyber Dialogue and RightsCon.

At the Android Security Symposium (https://usmile.at/symposium/), there were lots of related discussions at the various private meals for the speakers, which included key security people from Google, AT&T, universities and private security research companies. There was agreement that the most effective single security measure is limiting which apps can be installed on the device. We agree, and are working to support this kind of setup, since it will be very useful for lots of high-risk users. This is the same model used by Copperhead, Uhuru Mobile, Fairphone Open, and many DIY projects. To make this possible, the essential part is giving organizations control over the apps that they make available, and making this as easy as possible to manage.

Also, Nico Alt has joined us working on F-Droid as part of the Bazaar2 funding. He's a long-time F-Droid contributor, working on the client and leading the new forum and the new website design.

Objective 1 Simple multi-pronged distribution

The new “binary transparency log” feature is now available. The idea is to publish an append-only log of all the binaries that an update system has published. Then anyone can check that the binary they received on their device matches the official list by comparing its hash against the logged one. This feature has two parts:
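As an added illustration (not F-Droid's own code or its log format), the snippet below models the two sides of the idea: a publisher appends hash-chained entries for each released APK, and a client checks that the APK it holds matches a logged entry and that the log itself has not been rewritten. The package name and APK bytes are constructed sample values.

```python
import hashlib
import json

# Constructed sample log: each entry records the APK's SHA-256 and chains
# to the previous entry's hash, so rewriting or dropping an earlier entry
# changes every later entry hash (append-only by construction).
GENESIS = "0" * 64


def entry_hash(prev_hash: str, record: dict) -> str:
    """Hash of a log entry, bound to the preceding entry."""
    payload = json.dumps(record, sort_keys=True).encode() + prev_hash.encode()
    return hashlib.sha256(payload).hexdigest()


def append(log: list, package: str, version_code: int, apk_bytes: bytes) -> dict:
    """Publisher side: record a released binary in the log."""
    record = {"package": package, "versionCode": version_code,
              "sha256": hashlib.sha256(apk_bytes).hexdigest()}
    prev = log[-1]["entry_hash"] if log else GENESIS
    log.append({"record": record, "entry_hash": entry_hash(prev, record)})
    return log[-1]


def verify_chain(log: list) -> bool:
    """Anyone can recompute the chain; a mismatch means the log was altered."""
    prev = GENESIS
    for entry in log:
        if entry["entry_hash"] != entry_hash(prev, entry["record"]):
            return False
        prev = entry["entry_hash"]
    return True


def check_binary(log: list, package: str, version_code: int, apk_bytes: bytes) -> bool:
    """Client side: the APK on the device must match a logged entry."""
    if not verify_chain(log):
        return False
    digest = hashlib.sha256(apk_bytes).hexdigest()
    return any(e["record"]["package"] == package
               and e["record"]["versionCode"] == version_code
               and e["record"]["sha256"] == digest
               for e in log)


# Constructed sample releases (byte strings stand in for real APK files).
LOG = []
append(LOG, "org.example.app", 7, b"constructed-apk-bytes-v7")
append(LOG, "org.example.app", 8, b"constructed-apk-bytes-v8")
```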

We have preliminary free software Android emulator images that we aim to ship, since Google now only ships proprietary Google Play images. This makes it easy for people to develop using only the F-Droid stack: https://gitlab.com/fdroid/emulator-system-images

F-Droid server tools can now automatically upload releases to Android Observatory and VirusTotal. These services generate lots of useful indexes for discovering and tracking malware.

We are also looking at the Flyve Mobile Device Management software since it provides some complementary and some overlapping functionality. It looks like the full source is available. It is also a web app, but written with PHP rather than Repomaker’s Python. The source is here: https://github.com/flyve-mdm and a free demo is available here: https://flyve-mdm.com/

Objective 3 Modern App Store with Built-in Circumvention

In March, the new user experience was mostly completed and is now available as an alpha release: 0.103-alpha. In addition, some additions to the UI were implemented in response to the two user tests that we ran, one in Texas and the other in Vienna. The F-Droid client now has much better support for the following long-awaited features:

Bulk Download: The previous stable release of F-Droid had rudimentary support for downloading multiple apps at once. However, the feedback to the user was incomplete, and it was prone to forgetting that a user had downloaded some apps (e.g. if they closed F-Droid and came back later).

Now there is first-class support for viewing the status of each download in one location, the "Updates" tab. This also includes all of the apps which can be updated, and will make it easier in the future to show other important information about each app (e.g. if security vulnerabilities are found, or if an app has to be removed from the repo).

Offline queue for download: One thing F-Droid can do that other stores cannot is let the user browse through apps while offline. Now, users are notified that they are using F-Droid without internet access. As they view apps, they are prompted to "Download later", which puts apps in a queue shown in the "Updates" tab. This queue is automatically downloaded when they next come online. This feature is completed, but not yet merged into master.

The totally overhauled website is nearing launch. We have the full website built now using the Jekyll static site generator. We just need to nail down a secure and automated deploy process. This whole setup makes it much easier to run the F-Droid infrastructure since there will be almost no server-side code running. And it can be flexibly reused in custom app stores based on F-Droid.

We polished up the “F-Droid Privileged Extension”, which allows F-Droid to work without Unknown Sources, and do fully automated background updates. We worked with CopperheadOS to make sure that this system works well in the latest Android release, 7.1.1.

We submitted a complete patch to FairphoneOS to build and include the F-Droid Privileged Extension into their Fairphone Open builds as the core of the F-Droid integration: https://code.fairphone.com/gerrit/#/c/27/

We worked with security researchers who work on the CVE system and prototyped a way to support Android/Java libraries in the CVE system, so that the automated scanners we have implemented can use the CVE system as a source of data about known vulnerabilities. This data can then be downloaded by the F-Droid client app to report known issues with any apps that are installed.